oct-dec 2016 (pdf, 5mb)
Post on 13-Feb-2017
Embed Size (px)
Dangerous Turns Ahead!Staying Safe While Driving Online
National Aeronautics and Space Administration
IT TalkOctober - December 2016 Volume 6 Issue 4
IT TalkOct - Dec 2016 Volume 6 Issue 4
Office of the CIO NASA Headquarters 300 E Street, SW Washington, D.C. 20546
Chief Information Officer Renee Wynn
Editor & Publication Manager Eldora Valentine
Graphic & Web Designer Michael Porterfield
Copy Editor Meredith Isaacs
IT Talk is an official publication of the Office of the Chief Information Officer of the National Aeronautics and Space Administration, Headquarters, Washington, D.C. It is published by the OCIO office for all NASA employees and external audiences.
For distribution questions or to suggest a story idea, email: firstname.lastname@example.org
To read IT Talk online visit: www.nasa.gov/offices/ocio/ittalk
For more info on the OCIO: v www.nasa.gov/ocio v inside.nasa.gov/ocio (Internal NASA network only) v www.nasa.gov/open/
Message from the NASA CIO
Warning: Dangerous Turns AheadStaying Safe While Driving Online
Cybersecurity in the Cloud Gaining TrustWESTPrime Insights
IRD 2.016 Stand Down Day
In this Issue
October is Cybersecurity Awareness Month. Im asking all employees to Stop. Think. Connect. They are simple actions we can all do to stay safer and more secure online.
STOP: Before you use the Internet, take time to understand the risks and learn how to spot potential problems.
THINK: Take a moment to be certain that the path ahead is clear. Watch for warning signs and consider how your actions online could impact your safety or your familys.
CONNECT: Enjoy the Internet with greater confidence, knowing youve taken the right steps to safeguard yourself and your computer.
Cybersecurity is everyones responsibility! In this issue, well learn more about staying securenot just at work, but at home too!
Organizational changes within the Office of the Chief Information Officer are also contributing to NASAs improved IT security posture. Jeanette Hanna-Ruiz has been hired as NASAs Senior Agency Information Security Official (SAISO). Shes working with all our NASA Center CISOs as well as CISOs across the Federal Government on operational IT security and cybersecurity matters. We remain committed to ensuring that the best security practices are implemented at NASA and that NASA remains protected against threats.
Well also take a look at some initiatives that are helping us do our job better at the Centers. As the IT Business Services Assessment implementation marches forward, we have made significant progress in completing tasks and hitting milestones. Im happy to say that we are making great strides in posturing ourselves to be more effective and efficient in developing a dynamic operating model to meet current and future mission needs.
I hope you enjoy reading this quarters issue.
NASA Hires New Associate Chief Information Security OfficerIn August 2016, NASA welcomed the newest member of its team, Jeannette Hanna-Ruiz, Associate Chief Information Officer (ACIO) for IT Security and Senior Agency Information Security Official (SAISO).
Hanna-Ruiz is a leader with a track record of success in taking on challenging situations and delivering measurable results. She has more than 20 years of experience working in the Government, nonprofit, and private sectors as a senior leader, manager, and consultant. She brings considerable homeland and national security expertise,
having worked at the Department of Homeland Security (DHS)National Security Agency Joint Cyber Coordination Group, the Department of Transportation, and the Department of Homeland Security. She also played an important role in defining DHSs cyber mission and building up the departments cyber capabilities.
In addition to her public-sector experience, Hanna-Ruiz has worked in the private sector for Microsoft, where she was a senior leader in their services business. There, she was responsible for the identity management team and was the lead for the companys
public-sector civilian cybersecurity operations. As Director of Cyber Forensics and Cybersecurity, she led the operational delivery team for the Computer Sciences Corporation at the Department of Defense Cyber Crime Center, Defense Cyber Investigations Training Academy. She also is a professor of Cybersecurity at the University of Maryland. v
NASA OCIO IT Talk Oct - Dec 2016 3
Message from the NASA CIO
IRD 2.016 Stand Down DayBy Jaumarro A. Cuffee, JSC IRD Communications
As NASA prepares to Stop. Think. Connect. for Cybersecurity Awareness Month in October, the Information Resources Directorate (IRD) at Johnson Space Center planned a day to Stop. Think. Connect. for awareness and education about the IT Business Services Assessment (BSA) and the Federal Information Technology Acquisition Reform Act (FITARA).
IRD 2.016 Stand Down Day scheduled live and recorded salutations from NASA, JSC, and IRD leadership; presentations from members of the IRD Leadership Team about implementing the seven IT BSA Decisions and FITARA; an interactive learning activity; and an open question-and-answer session.
The IRD team and JSC key IT stakeholders were invited to stop their daily routines and
invest time in understanding how IT BSA and FITARA can help evolve Agency IT processes and programs to strengthen buying power, sustain current IT while investing in emerging technologies, and support a more secure IT infrastructure.
Presentations were crafted to share key concepts of roles and responsibilities, IT governance, data centers, communications, workstations, collaboration, IT security, and FITARA for attendees to think about. This insight would enable audience members to submit questions for the afternoon session. The initial TED-style talks were intended to help frame discussions based on facts, help to dispel some of the notions that hinder change, and get everyone to think about how the changes would affect their respective areas and organizations.
A whats new trifold, paired with Pokmon, was put together to lead participants through an interactive session. The interaction was designed to encourage reading and processing information about IT BSA and FITARA.
The afternoon agenda included an IRD Feud to share a few good answers before connecting the audience with the IRD implementation leads in an open question-and-answer session.
Stopping to focus on IT BSA and FITARA, thinking about the upcoming changes by engaging in activities, and connecting through lively presentations and Q&A sessions, IRD strives to encourage its team members and Center IT influencers to embrace the coming changes and work together to evolve IT processes and programs in support of NASA missions now, and for the future. v
Photographs: (NASA/James Blair)
JPL Selects Wes Gavins as New Chief Information Security OfficerBy Whitney Haggins, IT Communication Strategist, Jet Propulsion Laboratory, California Institute of Technology
Sylvester Wes Gavins was selected in July as the Jet Propulsion Laboratorys (JPLs) new Chief Information Security Officer (CISO). Gavins came to JPL from Booz Allen Hamilton, where he was a senior manager and chief technologist over cybersecurity, IT compliance, and system/network security. Prior to joining Booz Allen, Gavins was a captain in the United States Marine Corps (USMC), where he served as a communications and information systems officer. He brings over 25 years of experience in cybersecurity, systems engineering, business analysis, project
management, and risk management in the telecommunications, aerospace, defense, and commercial industries.
In his role as JPL CISO, Gavins will
1. provide strategic direction for all cybersecurity technology areas, including applications, networks, and storage;
2. serve as the authority and primary JPL representative on internal and external security architecture teams;
3. be responsible for selecting solutions to enhance security controls; and
4. conduct risk assessments for major Lab-wide processes and make major security risk decisions.
Gavins holds a masters degree in telecommunications systems management. Additionally, Gavins is Certified in Risk and Information Systems Control (CRISC), a Certified Ethical Hacker (CEH), and a Certified Expert Independent Auditor (CEIA). v
CAS High-End Collaboration Conference FacilitiesBy the CAS Collaboration Rooms Team
The Office of the Chief Information Officer and Aeronautics Research Mission Directorate (ARMD) have formed a partnership to deploy Convergent Aeronautics Solutions (CAS) collaboration rooms outfitted with high-end collaboration and conferencing capabilities. The CAS Project, within the Transformative Aeronautics Concepts (TAC) Program, is implementing 10 state-of-the-art collaboration facilities. The goals of TAC and CAS are to make rapid and significant advancements in aeronautics technologies. Some of the methodologies to achieve the goals of CAS are leading inter-Center discussions and teaming, simultaneously leveraging and integrating cross-Center expertise, generating ideas, conducting rapid feasibility assessments, and providing opportunities to all researchers to advance aeronautics by participating in CAS processes.
The CAS collaboration rooms, based on Mezzanine technology by Oblong Industries, Inc., provide interactive ultra-
high-definition audiovisual collaboration for multiple users (either local or remote) in a shared digital workspace. Although video t